Privacy

Related Projects

Related Topics

Privacy has become one of the defining issue of the Information Age. CIS has received national recognition for its interdisciplinary and multi-angle examination of privacy, particularly as it relates to emerging technology.

Albert Gidari is the Director of Privacy at the Stanford Center for Internet and Society. He was a partner for over 20 years at Perkins Coie LLP, achieving a top-ranking in privacy law by Chambers. He negotiated the first-ever "privacy by design" consent decree with the Federal Trade Commission on behalf of Google, which required the establishment of a comprehensive privacy program including third party compliance audits. Mr.

Jennifer Stisa Granick is the Director of Civil Liberties at the Stanford Center for Internet and Society. She is the author of a forthcoming book from Cambridge University Press entitled American Spies: Modern Surveillance, Why You Should Care, and What To Do About It. From 2001 to 2007, Granick was Executive Director of CIS and taught Cyberlaw, Computer Crime Law, Internet intermediary liability, and Internet law and policy. From 2007 to 2010 she served as the Civil Liberties Director at the Electronic Frontier Foundation.

Norberto Andrade is a Postdoctoral Research Fellow scholar at UC Berkeley School of Law, Berkeley Center for Law & Technology (BCLT), and a Fellow at the Hague Institute for the Internationalisation of Law (HiiL, The Netherlands). He has worked as a Scientific Officer at the Institute for Prospective Technological Studies (IPTS) of the European Commission’s Joint Research Centre, and as a legal expert in the field of telecommunications at the Portuguese Regulatory Authority for Communications (ANACOM).

Charles Belle is the founder and Executive Director of Startup Policy Lab, a new nonprofit think tank dedicated to connecting policymakers and the startup community. Examining public policy at the nexus of startups and technology, Charles' research is currently focused on privacy and how to support local government open data initiatives while simultaneously protecting citizen privacy.

Pages

Click the local Home Depot ad and your email address gets handed to a dozen companies monitoring you. Your web browsing, past, present, and future, is now associated with your identity. Swap photos with friends on Photobucket and clue a couple dozen more into your username. Keep tabs on your favorite teams with Bleacher Report and you pass your full name to a dozen again. This isn't a 1984-esque scaremongering hypothetical. This is what's happening today.

[Update 10/11: Since several readers have asked – this study was funded exclusively by Stanford University and research grants to the Stanford Security Lab. It was not supported by any advocacy organization.]

Technology users are becoming frustrated over privacy-invasive terms of use agreements. In the past, this frustration was difficult to channel effectively enough to regularly change the terms. However, that futility is slowly abating. Users are increasingly attempting to negotiate the terms of their agreement through technology or a protracted exchange of public criticism and response. I would like to explain why a few recent developments leave me optimistic that a combination of resistance and innovation can offset some of the inequities in the standard-form contracts formed between users and websites.

In a highly important decision, the Tel Aviv District Court annulled this week a forum selection clause in a clickwrap contract, holding the user was not sufficiently aware of the choice of foreign forum nor of the fact he was contracting with a foreign company; and has not clearly consented to such choice.

A number of technologies have been touted to offer consumers control over third-party web tracking. This post reviews the tools that are available and presents empirical evidence on their effectiveness. Here are the key takeaways:

Most desktop browsers currently do not support effective self-help tools. Mobile users are almost completely out of luck.

On Friday, the President’s Commission on Enhancing National Cybersecurity published its final report, making 16 recommendations and identifying 53 action items to improve cybersecurity in the United States.

Palo Alto lawmakers have proposed legislation granting the community greater control over police surveillance — including the Police Department’s purchase and use of equipment such as drones, license plate readers and social media monitoring software. Palo Alto and 10 other cities around the country that have proposed similar laws are part of a movement to bring the community and elected representatives into decisions by local police to acquire such powerful and invasive surveillance technologies. We all should urge our own elected representatives to take similar steps.

As users of Twitter and many other services probably know, large parts of the Internet weren’t working Friday, thanks to a hacking attack on the Internet’s infrastructure. NBC reported that a senior intelligence official told the network that the hack “does not appear at this point to be any kind of state-sponsored or directed attack.” It may be that new evidence emerges that leads the U.S.

Pages

Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.

Arguing that the information publicly available on the NSA's Upstream program, combined with an understanding of how the Internet works, means plaintiff Wikimedia has met its burden of proving standing to challenge Upstream.

Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.

"Preventing algorithmic discrimination is a challenge. It’s not easy to hold companies to the laws that would protect consumers from unfair credit practices, says Danielle Citron, a law professor at the University of Maryland. “We don’t have hard and fast rules. It’s the Wild West in some respects.”"

"Omer Tene, Vice President of Research and Education for International Association of Privacy Professionals, added “Clearly, the biggest challenge for businesses in 2017 will be preparing for the entry into force of the GDPR, a massive regulatory framework with implications for budget and staff, carrying stiff fines and penalties in an unprecedented amount.”

"“Our decision to conclude the litigation was based solely on the fact that, with the recent assistance of a third party, we are now able to unlock that iPhone without compromising any information on the phone,” U.S.

"Elizabeth Joh, a criminal law professor at the University of California, Davis, told Ars that this situation was alarming. “Errors do occur in the criminal justice system, but in the past only people were to blame,” she e-mailed. “How do you blame software, and who is responsible? These kinds of systemic technology problems pose a real challenge to individual criminal defendants, who may sometimes not be aware of the source of the error—and it looks like Tyler Technologies is rejecting any responsibility.”"

Pages

Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry. Come hear CIS Directors Jennifer Granick + Daphne Keller and Resident Fellows Riana Pfefferkorn + Luiz Fernando Marrey Moncau talk about our work, and the assistance CIS provides to students in learning about these issues, selecting courses, identifying job opportunities, and making professional connections.

What kind of surveillance assistance can the U.S. government force companies to provide? This issue has entered the public consciousness due to the FBI's demand in February that Apple write software to help it access the San Bernardino shooter's encrypted iPhone. Technical assistance orders can go beyond the usual government requests for user data, requiring a company to actively participate in the government's monitoring of the targeted user(s).

If you're in the Bay Area, come out to the filming of our second episode of Ars Technica Live, a monthly interview series with fascinating people who work at the intersection of tech, science, and culture. Join us this Wednesday, May 18, in Oakland, California, from 7 to 9pm for a discussion with law professor Elizabeth Joh about technology, surveillance, and law enforcement.

Sextortion—defined as blackmail (often by the threat of releasing sexually explicit images of the victim) carried out over a computer network, which forces victims to engage in some form of sexual activity online—is a new term for a new crime. The remote coercion of sex is a crime that was impossible until recently, but with the expansion of the Internet and proliferation of webcams, Sextortion is a growing form of exploitation. This remarkably understudied crime has affected thousands of people, almost entirely women and children.

Pages

"FBI Director James Comey has said that voter-registration sites in at least a dozen states — including Arizona — were targeted by hackers.

Department of Homeland Security Secretary Jeh Johnson has broached the idea of increasing the protection for the nation’s voting systems. They could potentially be put under the umbrella of critical infrastructure, which currently includes the electrical grid and the banking system, among other things.

Jennifer Granick talks about how notions of privacy have changed over the years and where she thinks things are headed in the future. She is a professor at the Stanford School of Law and Director of Civil Liberties at the Center for Internet and Society, where she specializes in the intersection of engineering, privacy and the law.